06-16-2016 05:40 AM
Hello,
we are running ISE 1.4 with anyconnect version 4 . one of the requirements is to check symantec definition if it's up to date or not
the condition in ISE is predefined all i can do is to choose AV type and version so the question is how anyconnect checks for the AV definition date ? file path or registry path ?
we are using Symantec Endpoint protection SEP 12.1
Solved! Go to Solution.
06-16-2016 08:27 AM
Depends on the vendor. Any connect reaches out to middleware (compliance module) that has all the vendor information. I don't have direct access to that but I searched on internet and found this;
06-16-2016 08:27 AM
Depends on the vendor. Any connect reaches out to middleware (compliance module) that has all the vendor information. I don't have direct access to that but I searched on internet and found this;
06-16-2016 08:38 AM
Cisco and other vendors use another organization OPSWAT who provide certification of 3rd party software like this for AV, AS, Host IPS , Host Firewall, etc. OPSWAT goes through the determination of make and version of AV. Then, OPSWAT provides the data to Cisco which Cisco periodically publishes and then you download to your clients. They key here is that there are multiple parties involved ...
!) AV vendor releases software
2) OPSWAT has a timeframe that they test and certify but do not release the data ad-hoc. Its periodic and cyclic.
3) Cisco gets the data and packages/releases to public
4) Customer updates their clients
FYI, OPSWAT also has a verification tool that you can leverage to determine if AV/AS software is detected based on their modules.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: